modsecurity-3.0.10-bp155.3.3.1 4>$  Apd͊I%z 2OmRL$PEr%Y{Y}Azȱr}I$uW"MĜ,,oe -`'=f*F~Yj^s O +fᘸ $0RBX&sgM~ng⪝:DϹyCok(W"A"<ɕ0u}v)̊_-BV pALE"1VM<7yAdjoQ %i13Epm;R&2r3wHEư^Z$Lt4Q3 e\1/8 :@Ӕ_^7݊ #h+ܒ7b6l871adKkfqFx#fO4FBOdU՛J5I6鸌i݇QS#ZRvkv 8>HQErjg4 ۦpĻHupopd V&o\LfzSLdaQT[2Oz@#lTVWO_{;/9rm,mxUpKDAdԶZ07TrhuZBXp>:$?:d ! A %BHP\ b h t  &P\|k(8 9 : F6(G6DH6PI6\X6`Y6h\6]6^6b7c7d8Te8Yf8\l8^u8tv8w9px9|y9 z9999:Cmodsecurity3.0.10bp155.3.3.1Web application firewall engineModSecurity is a toolkit for real-time web application monitoring, logging, and access control.dobs-power9-06ZSUSE Linux Enterprise 15openSUSEBSD-2-Clausehttp://bugs.opensuse.orgProductivity/Networking/Securityhttps://www.modsecurity.org/linuxppc64le.,]A큤dddN84549b9c6dd0a97e646f1b00a1e7296097792a3426d49de128c7dbc01b94f179c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4rootrootrootrootrootrootmodsecurity-3.0.10-bp155.3.3.1.src.rpmmodsecuritymodsecurity(ppc-64)@@@@@@@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libmodsecurity.so.3()(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libstdc++.so.6(GLIBCXX_3.4.11)(64bit)libstdc++.so.6(GLIBCXX_3.4.21)(64bit)libstdc++.so.6(GLIBCXX_3.4.9)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3ddZ5c]bb_*@[I[CN@[:Z@David Anes Danilo Spinella Michael Ströder Georg Pfuetzenreuter Ferdinand Thiessen Dirk Mueller jengelh@inai.demrostecki@suse.commrostecki@suse.commrostecki@suse.com- Update to version 3.0.10: * Security impacting issue (fix bsc#1213702, CVE-2023-38285) - Fix: worst-case time in implementation of four transformations - Additional information on this issue is available at https://www.trustwave.com/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/ * Enhancements and bug fixes - Add TX synonym for MSC_PCRE_LIMITS_EXCEEDED - Make MULTIPART_PART_HEADERS accessible to lua - Fix: Lua scripts cannot read whole collection at once - Fix: quoted Include config with wildcard - Support isolated PCRE match limits - Fix: meta actions not applied if multiMatch in first rule of chain - Fix: audit log may omit tags when multiMatch - Exclude CRLF from MULTIPART_PART_HEADER value - Configure: use AS_ECHO_N instead echo -n - Adjust position of memset from 2890- Update to version 3.0.9: * Add some member variable inits in Transaction class (possible segfault) * Fix: possible segfault on reload if duplicate ip+CIDR in ip match list * Resolve memory leak on reload (bison-generated variable) * Support equals sign in XPath expressions * Encode two special chars in error.log output * Add JIT support for PCRE2 * Support comments in ipMatchFromFile file via '#' token * Use name package name libmaxminddb with pkg-config * Fix: FILES_TMP_CONTENT collection key should use part name * Use AS_HELP_STRING instead of obsolete AC_HELP_STRING macro * During configure, do not check for pcre if pcre2 specified * Use pkg-config to find libxml2 first * Fix two rule-reload memory leak issues * Correct whitespace handling for Include directive - Fix CVE-2023-28882, a segfault and a resultant crash of a worker process in some configurations with certain inputs, bsc#1210993- Update to version 3.0.8 * Adjust parser activation rules in modsecurity.conf-recommended [#2796] * Multipart parsing fixes and new MULTIPART_PART_HEADERS collection [#2795] * Prevent LMDB related segfault [#2755, #2761] * Fix msc_transaction_cleanup function comment typo [#2788] * Fix: MULTIPART_INVALID_PART connected to wrong internal variable [#2785] * Restore Unique_id to include random portion after timestamp [#2752, #2758]- Update to version 3.0.7 * Support PCRE2 * Support SecRequestBodyNoFilesLimit * Add ctl:auditEngine action support * Move PCRE2 match block from member variable * Add SecArgumentsLimit, 200007 to modsecurity.conf-recommended * Fix memory leak when concurrent log includes REMOTE_USER * Fix LMDB initialization issues * Fix initcol error message wording * Tolerate other parameters after boundary in multipart C-T * Add DebugLog message for bad pattern in rx operator * Fix misuses of LMDB API * Fix duplication typo in code comment * Fix multiMatch msg, etc, population in audit log * Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById, etc. * Adjust confusing variable name in setRequestBody method * Multipart names/filenames may include single quote if double-quote enclosed * Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended- Update to version 3.0.6 * Security issue: Support configurable limit on depth of JSON parsing, possible DoS issue. CVE-2021-42717 - Update to version 3.0.5 * New: Having ARGS_NAMES, variables proxied * Fix: FILES variable does not use multipart part name for key * GeoIP: switch to GEOIP_MEMORY_CACHE from GEOIP_INDEX_CACHE * Support configurable limit on number of arguments processed * Adds support to lua 5.4 * Add support for new operator rxGlobal * Fix: Replaces put with setenv in SetEnv action * Fix: Regex key selection should not be case-sensitive * Fix: Only delete Multipart tmp files after rules have run * Fixed MatchedVar on chained rules * Fix IP address logging in Section A * Fix: rx: exit after full match (remove /g emulation); ensure capture groups occuring after unused groups still populate TX vars * Fix rule-update-target for non-regex * Fix Security Impacting Issues: * Handle URI received with uri-fragment, CVE-2020-15598- add baselibs, fix packaging (install into %_libdir) - update to 3.0.4: - Fix: audit log data omitted when nolog,auditlog - Fix: ModSecurity 3.x inspectFile operator does not pass - XML: Remove error messages from stderr - Filter comment or blank line for pmFromFile operator - Additional adjustment to Cookie header parsing - Restore chained rule part H logging to be more like 2.9 behaviour - Small fixes in log messages to help debugging the file upload - Fix Cookie header parsing issues - Fix rules with nolog are logging to part H - Fix argument key-value pair parsing cases - Fix: audit log part for response body for JSON format to be E - Make sure m_rulesMessages is filled after successfull match - Fix @pm lookup for possible matches on offset zero. - Regex lookup on the key name instead of COLLECTION:key - Missing throw in Operator::instantiate - Making block action execution dependent of the SecEngine status - Making block action execution dependent of the SecEngine status - Having body limits to respect the rule engine state - Fix SecRuleUpdateTargetById does not match regular expressions - Adds missing check for runtime ctl:ruleRemoveByTag - Adds a new operator verifySVNR that checks for Austrian social security numbers. - Fix variables output in debug logs - Correct typo validade in log output - fix/minor: Error encoding hexa decimal. - Limit more log variables to 200 characters. - parser: fix parsed file names - Allow empty anchored variable - Fixed FILES_NAMES collection after the end of multipart parsing - Fixed validateByteRange parsing method - Removes a memory leak on the JSON parser - Enables LMDB on the regression tests. - Fix: Extra whitespace in some configuration directives causing error - Refactoring on Regex and SMatch classes. - Fixed buffer overflow in Utils::Md5::hexdigest() - Implemented merge() method for ConfigInt, ConfigDouble, ConfigString - Adds initially support to the drop action. - Complete merging of particular rule properties - Replaces AC_CHECK_FILE with 'test -f' - Fix inet addr handling on 64 bit big endian systems - Fix tests on FreeBSD - Changes ENV test case to read the default MODSECURTIY env var - Regression: Sets MODSECURITY env var during the tests execution - Fix setenv action to strdup key=variable - Allow 0 length JSON requests. - Fix "make dist" target to include default configuration - Replaced log locking using mutex with fcntl lock - Correct the usage of modsecurity::Phases::NUMBER_OF_PHASES - Adds support to multiple ranges in ctl:ruleRemoveById - Rule variable interpolation broken - Make the boundary check less strict as per RFC2046 - Fix buffer size for utf8toUnicode transformation - Fix double macros bug - Override the default status code if not suitable to redirect action - parser: Fix the support for CRLF configuration files - Organizes the server logs - m_lineNumber in Rule not mapping with the correct line number in file - Using shared_ptr instead of unique_ptr on rules exceptions - Changes debuglogs schema to avoid unecessary str allocation - Fix the SecUnicodeMapFile and SecUnicodeCodePage - Changes the timing to save the rule message - Fix crash in msc_rules_add_file() when using disruptive action in chain - Fix memory leak in AuditLog::init() - Fix RulesProperties::appendRules() - Fix RULE lookup in chained rules - @ipMatch "Could not add entry" on slash/32 notation in 2.9.0 - Using values after transformation at MATCHED_VARS - Adds support to UpdateActionById. - Add correct C function prototypes for msc_init and msc_create_rule_set - Allow LuaJIT 2.1 to be used - Match m_id JSON log with RuleMessage and v2 format - Adds support to setenv action. - Adds new transaction constructor that accepts the transaction id as parameter. - Adds request IDs and URIs to the debug log - Treating variables exception on load-time instead of run time. - Fix: function m.setvar in Lua scripts and add testcases - Fix SecResponseBodyAccess and ctl:requestBodyAccess directives - Fix OpenBSD build - Fix parser to support GeoLookup with MaxMind - parser: Fix simple quote setvar in the end of the line - Fix pc file - modsec_rules_check: uses the gnu `.la' instead of `.a' file - good practices: Initialize variables before use it - Fix utf-8 character encoding conversion - Adds support for ctl:requestBodyProcessor=URLENCODED - Add LUA compatibility for CentOS and try to use LuaJIT first if available - Allow LuaJIT to be used - Implement support for Lua 5.1 - Variable names must match fully, not partially. Match should be case insensitive. - Improves the performance while loading the rules - Allow empty strings to be evaluated by regex::searchAll - Adds basic pkg-config info - Fixed LMDB collection errors - Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors - Fix ip tree lookup on netmask content - Changes the behavior of the default sec actions - Refactoring on {global,ip,resources,session,tx,user} collections - Fix race condition in UniqueId::uniqueId() - Fix memory leak in error message for msc_rules_merge C APIs - Return false in SharedFiles::open() when an error happens - Use rvalue reference in ModSecurity::serverLog - Build System: Fix when multiple lines for curl version. - Checks if response body inspection is enabled before process it - Code Cleanup. - Fix setvar parsing of quoted data - Fix LDFLAGS for unit tests. - Adds time stamp back to the audit logs - Disables skip counter if debug log is disabled - Cosmetics: Represents amount of skipped rules without decimal - Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser - Fix STATUS var parsing and accept STATUS_LINE var for v2 backward comp. - Fix memory leak in modsecurity::utils::expandEnv() - Initialize m_dtd member in ValidateDTD class as NULL - Fix broken @detectxss operator regression test case - Fix utils::string::ssplit() to handle delimiter in the end of string - Fix variable FILES_TMPNAMES - Fix memory leak in Collections - Fix lib version information while generating the .so file - Adds support for ctl:ruleRemoveByTag - Fix SecUploadDir configuration merge - Include all prerequisites for "make check" into dist archive - Fix: Reverse logic of checking output in @inspectFile - Adds support to libMaxMind - Adds capture action to detectXSS - Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator - Adds capture action to detectSQLi - Adds capture action to rbl - Adds capture action to verifyCC - Adds capture action to verifySSN - Adds capture action to verifyCPF - Prettier error messages for unsupported configurations (UX) - Add missing verify*** transformation statements to parser - Fix a set of compilation warnings - Check for disruptive action on SecDefaultAction. - Fix block-block infinite loop. - Correction remove_by_tag and remove_by_msg logic. - Fix LMDB compile error - Fix msc_who_am_i() to return pointer to a valid C string - Added some cosmetics to autoconf related code - Fix "make dist" target to include necessary headers for Lua - Fix "include /foo/*.conf" for single matched object in directory - Add missing Base64 transformation statements to parser - Fixed resource load on ip match from file - Fixed examples compilation while using disable-shared - Fixed compilation issue while xml is disabled - Having LDADD and LDFLAGS organized on Makefile.am - Checking std::deque size before use it - perf improvement: Added the concept of RunTimeString and removed all run time parser. - perf improvement: Checks debuglog level before format debug msg - perf. improvement/rx: Only compute dynamic regex in case of macro - Fix uri on the benchmark utility - disable Lua on systems with liblua5.1- Remove rhetoric part from descriptions.- Remove libltdl7 from build dependencies- Make use of %license macro - Make use of %{version} variable - Sort dependencies alphabetically- Initial releaseobs-power9-06 16940766003.0.10-bp155.3.3.13.0.10-bp155.3.3.1modsec-rules-checkmodsecurityLICENSE/usr/bin//usr/share/licenses//usr/share/licenses/modsecurity/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18064/openSUSE_Backports_SLE-15-SP5_Update/0682298853c0e2d2d6071a5b5338ca11-modsecurity.openSUSE_Backports_SLE-15-SP5_Updatecpioxz5ppc64le-suse-linuxELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=a434079c5c9885e6809418aab2f3f66ba964d16c, for GNU/Linux 3.10.0, not strippeddirectoryASCII text RRRRR R RRRRRzy#N.]虾5utf-865f7b61c1a77d125380bd3b12f1a16a1e04094e523cbc320f454612d5f9d2be1? 7zXZ !t/]/] crv9wyUwdb0c\}siK! -wMWMŌ^5Q)!p"~Qxɭ|DG役 pb Y9]H`A {[\|ywgYj{nԶ!نѫZ&L]{mt^ +_{gh{1U^T{7C[PcϷ]DeV]"mWH BZ\ ,H- l&BU$VRõ5e7\IK vzŃ+@Hj:IKu\˲S>Nkv97p ۴rnC:r?KA-xXdDՀG\y=_Co}8~Α^nv0r«Y J{_lI P~֝X1 6%˛߀H9ij!yݣvMTv3p}*K^q95][cg|xr*sB7?N29hVHu!c&LHRϿ$bv:eVE(dyxOū6pkWΘ\`v2*Q08ˆQw$đ;rZ4d:$<:6=`VB[oJ@Ӗ @XYA:!/Osuӫ*d/b^+-Mg- ~ׄnaU@XUW HǧoNyZMx>$/BK'9?cݬ3bpnuHc+(8f >7duSmF&"G3ܱV,(?&hԑchL!!g?x9r#nz؊.,yPW4YN :X%%x^4V]Sg8契x`wkV鈞(rf(6n3gh%M;=yL$z0eb;WXC/&6w-ud"dQajm(?xJ8kRq6} ޝ"5N*YKK+*b$;h6z!BV{Hc*_o(TZɿTj.H$59ƺ2,(}}$n2X=Q$gX`̯:fSˬ?3ќw1DZbo`3 ,5Va(b/X$~M04 56`, }g6Q7ghd"6]oZmhޔk<"B۞Z|Q넌(D<>& S"-i)0sg:g'K \92 S^^+y.DKq@(̎|pY2Bi4n}䦩Oե?f ! r.092i EƏwuBJCgyE&˨"N#%;oQ1y) dc6{gQmgm5U,}X4v :?OVu_/%3*S̘q(v&cU^q5[4Mރ [fz#;P!:BЬ",Mko1c hDL8k#rCYU6(i ^M _*9d1P w~0[38>%Eҫ{%q++A[c{B+K87Jn<6i5Fq<žrLӏrqNbc.//00FȞ3D?u^hL>ybYFY!*_gB!z:NnX.|;%zLK):3&&X薺e%E8,Q6(wp!|L"Z/׶98@x舝ۃO΢PH,K+z90U߁9s-fU~. ˰$h:~ۀ WU=gaq,EA>D1wk_n rkNmB,l7fcI5OkY\,8K#xW3s JC֑5s M*r;a"~S!(ZP\ ʣLYYZzA>SP0>3JBfjù2ե= XԒH|Wʣwή`{m7sd^?5^)^-@k~X5un4 sv"/溰/T@^\(ϻʼn~/grax6}ұy6595;Wσ;|X*!x<ïTصZuaQm>ѡgs̃b[cf$|W)jJN(U}~Pl&lx/ku:v*{IiM-"˺FpLHݩS =DEy.w^¥&UWFrh#7RbDZ B.w\75=5_9KTwb]kJUy‰d颜lJtiKL\?v᫏ߐq؅( 6r@ ).ZǦy?oN g*RS|kPɎ^οQB!, u11Fw9y#RFŹ+XW#nx<ښXߛ(Bz @tkƙcdcL6,:;vuٻf(ytumPi%+nDFU! Ja+X[SQӏy!OVi6n"W(V$$Gmқ/AHFͭi7TT.҃al:֡ cP;& y`BC+|Z~2Hà^Kj8aui_' g4Dih#ߋ1t, @-vT f#YII|RS>?g>5q<wVbUh䰉i/ tOV%UMчg{b?7Cɯ.Y4pMfh aBFFA,n $AtAHU+XL a̙A2ıYWc T›2wn( `2y #"Hz&P!+h5Qm'V  $hc0?iHc֟3d`f\ഺ*&\2б?|zՔ ^WE[/ -(Ĭ]޵!j c ݏ,ON%#&TUqjz@)  ˨D B*7O1xX ڥ8/VvA^A{LveqFH>TO²&7V8EHر6YN‚N#5Cqbe Hz:|qs ƶ;B \%3!B6>᰽_]2_>z9QtUtA ).l sMu yY4*[xŧ qpQ|3@pK-xt'tDCc v5B*Q$Vo!ڋHndhP ^}5KXD@.8TLS٧]GVaK:(Wm[t42<^I2MKыD`a/,aAFEƭgvgIYĹa0k:XC-(ٖҟ[_5ʘ aEyJQ0<9<ba; ̞O4*IUxK~6bf|~!9}4^5P -` 4U2Q)y *i luogBr1J=2swZ( KֈH9]Ni|`jʋY-49^&δ[&jTFj#}8R m0v@?˷훽.h,M#vֺGڊ$3_XlϸŻHɀ4+d Ov% K5j_G5,7ƃu `q0R;V?R>έԶ)ڎqNiѥϲ`TE8&c H2ן;06bquc1Mō}A4S|~׹FȺzcg޵3rՖ3j6` rd[g61}L>v4,m§{@./u[Sڹȵ\o0|O7d'<ʶ"et 8 >\`[fO/Ձ# <4n(| Si{_4YxnGH&Wm M .7 L4BJԄWD$ &YbI x}:wW^$u"FFT}fͪysJ+ePUtW$!4S>XnҒ%q)4{tO~ 4hXՀ%B>gYJV\)sٲr^T}S5?OYMU 0Y8*AZynWZ;>*BV4BQd^H'.7m r\ABᡵaW='xbɅBe]CBL65'733lht\d@L 9/`_;/U7 j{2Yc$IqqJԋ(?Bnְ= P4 X ,t՝/w8H5H x$B6]Zd M߈B @|ڼᜍ+n&KwJpgVIfLiu#'1:U @Pӌ̂cn E.Gӄ_xc{j@6ХzÕ'$?%{uTq=Eܢ>u#2 Q)gEƌ㠺 2(%_]|sG9 3^.&N)4Y_9¨BEatIÊu9=r~x͜:P03ZUQaVO'LXf }L~!k6$չKÝD".tqf|e܁A.@\x 4=ʒ,3R⭧\T2H'J 2 aRM3kx~ضKH\6a0jx)_}BGO"[ki?X'YB Iɓx<b_ղJ;!HShpEBy!EYc$+6BUbBQ&zm 3;MO}&~#%e ( _>iޛ 1j]Mno_#Ӟ_ X:!Goq+1c)֚Gn+%HV<ϲf:ܬpZH`y};ɅJ~wazvB/?L\!O{_r9\PkImn<"l*nM /ZLLbk7f{$+ӭRéf BRylGA-V~!wgZsۻCz0z=M1UX\'``$60curX6%0"Zk<:-'RWZF&sYs&ENܒ\A7 ;@ڠ숑 ,TLY&CwUᫎU_ݙw ?˃ժZj Ĭ4mZ֓k89F"R&h!N*4%j5[&A”X Y{5\ΰ+, bH^nR6=Pg%Ո"ZAG&A.EcH +oS]x\I6߅"Z߇ZUTN2UZ۹g֋Љě= IRۊuϨ x=pr\G/L\e3=4 [`Fѷ0+c%%-bG 5vbe+2D ̕v{Anqѻ w)_t%N/`&ݕ[ytmh(ϺP>\9{ð!䯗,;U!~.χ(~aBXPy%,T' gITS$T5sgI(SH5pH ?!ЗH+lLf?K{iՕ`-GZ&мkf_9Lg9A3} ZHA yƬ+ڥIxy-i$>'jW-fgR㈁"I62OӤu͔RRi |4rmvQ:a 3)l>Z *W,Cȯi7M\RT~ۘt4xT)e{~v`oS6TK4?F,awQt dr2s#f\v!*=&) h!ρ=[v M9B"\gO͔ AJK\Eʢ/ \\`L4GC! %vWc YN3bAd3ՠxeyD7Zۮw#g+H4IPe_,ff2Opb^2(4~ &O`ӐA-ClmB𙗘#tn,$  A_VXaR-+jSx}|EB;#﭅+ =YCվ >Nu'BXzy|qoƞ _g̥+=h௓.߬~[LDŽbA0\/UwA˄Fn"|PбjlQmpXg5Z5ޏJDUY}=Ւ f y;ã`j%HC!b+@VQi`|KVhu8X́V_Wsr]v%GF\؁hgSщhݝO\ Ȍ]is/㊵63)֘qW3YDnVWa1 lTXuNs~4n=àY^}M;Y60M}=BYak F[fzs?r jÐ)OEKuHX]䮤[E)bZQN,'tgYt,FLM.{$;{oMQ!#6}_L˒,~9T{XPWж 9E43wI/e&ڄN$ ]O^^M3{\猳$rʅWzPiea)6+8Y3>SRgs"vx0Mk*:,R6t" *&_?t5ayj 5iqPՈ!/ ][ nlAf̹F?U9 LB)'ރ!va#"ͥOs8`qNecלO'D=do ^KTuʋ#oKeT֚ǎ1Wx]yړ)8Y+CwcP-G_PR暸RKbKH-8q\o/&a?DݽpоJVӌcˊ#) %ѦDc @D0Vdyba| Wy ^w{o|fE#ұI.xvN4:zٕ=jn@t᪜i%Wb MG|,*N _weC;kq6$rFe<5nf*b?/Q9Z~\wj>ǡKfx%R)KFX.B~T~_tI_5ANPəj7o9aF؆:]lRuZ UPϨ֪:1, ERF02 zFUCw~1pءfwJ'-wp%YvƂhtAYz_.ClZT}]FSuqFQubY3?8ᜱShuexvS)G+=Y&yQ,q<߅dz'~*`\>WDwa5 y\ §cv/HkU$5#"]D`kXIlpU˧hم˩Zp5Q(r@f eV}\:;A|a,GQڥ9 JIS58U\s¨ҏ]7 H. TQJn-x4ך$@@O}5x=E&`G=e9 sT0]cI!c |.ef8'I6NlhlmG^\ YZ